Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-203 (通过差异性导致的信息暴露) — Vulnerability Class 129

129 vulnerabilities classified as CWE-203 (通过差异性导致的信息暴露). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-57770 ZITADEL user enumeration vulnerability in login UI — zitadel 5.3 Medium2025-08-22
CVE-2025-43751 Liferay Portal和Liferay DXP 安全漏洞 — Portal 7.5AIHighAI2025-08-22
CVE-2025-43743 Liferay Portal和Liferay DXP 安全漏洞 — Portal 4.3AIMediumAI2025-08-19
CVE-2025-43739 Liferay Portal和Liferay DXP 安全漏洞 — Portal 4.1AIMediumAI2025-08-19
CVE-2025-54999 OpenBao: Timing Side-Channel in Userpass Auth Method — openbao 3.7 Low2025-08-09
CVE-2025-47872 EG4 Electronics EG4 Inverters Observable Discrepancy — EG4 12kPV 5.8 Medium2025-08-08
CVE-2025-6011 Timing Side-Channel in Vault’s Userpass Auth Method — Vault 3.7 Low2025-08-01
CVE-2025-24391 Possible user enumeration — OTRS 5.3 Medium2025-07-14
CVE-2025-6386 Timing Attack Vulnerability in parisneo/lollms — parisneo/lollms 5.9AIMediumAI2025-07-07
CVE-2025-6056 Ergon Informatik AG Airlock IAM 安全漏洞 — Airlock IAM 5.3 -2025-07-04
CVE-2025-40732 User enumeration vulnerability in Daily Expense Manager — Daily Expense Manager 5.3AIMediumAI2025-06-30
CVE-2025-52576 Kanboard vulnerable to Username Enumeration via Login Behavior and Bruteforce Protection Bypass — kanboard 5.3 Medium2025-06-25
CVE-2024-47057 User name enumeration possible due to response time difference on password reset form — Mautic 5.3 Medium2025-05-28
CVE-2025-46804 Screen 5.0.0 and older versions allow file existence tests when installed setuid-root 3.3 Low2025-05-26
CVE-2025-23182 UBtech – CWE-203: Observable Discrepancy — Freepass 4.3 Medium2025-05-22
CVE-2025-46720 Keystone has an unintended `isFilterable` bypass that can be used as an oracle to match hidden fields — keystone 3.1 Low2025-05-05
CVE-2021-47664 Enumeration of valid user names — Franka Emika Robot 5.3 Medium2025-04-24
CVE-2024-11084 Potential Username Enumeration in Helix ALM — Helix ALM 5.3AIMediumAI2025-04-15
CVE-2025-0361 AXIS OS 安全漏洞 — AXIS OS 4.3 Medium2025-04-08
CVE-2025-31124 Zitadel allows User Enumeration by loginname attribute normalization — zitadel 5.3 Medium2025-03-31
CVE-2024-51477 IBM InfoSphere Information Server information disclosure — InfoSphere Information Server 4.3 Medium2025-03-28
CVE-2025-1468 CODESYS Control V3 - OPC UA Server Authentication bypass — CODESYS Runtime Toolkit 7.5 High2025-03-18
CVE-2025-29780 Post-Quantum Secure Feldman's Verifiable Secret Sharing has Timing Side-Channels in Matrix Operations — PostQuantum-Feldman-VSS 5.3 -2025-03-14
CVE-2024-41760 IBM Common Cryptographic Architecture information disclosure — Common Cryptographic Architecture 3.7 Low2025-03-11
CVE-2023-37482 Siemens SIMATIC S7-1200和SIMATIC S7-1500 安全漏洞 — SIMATIC Drive Controller CPU 1504D TF 5.3 Medium2025-02-11
CVE-2024-45089 IBM Sterling B2B Integrator information disclosure — Sterling B2B Integrator 4.3 Medium2025-01-31
CVE-2025-21336 Windows Cryptographic Information Disclosure Vulnerability — Windows 10 Version 1507 5.6 Medium2025-01-14
CVE-2024-54002 Dependency-Track allows enumeration of managed users via /api/v1/user/login endpoint — dependency-track 5.3 Medium2024-12-04
CVE-2020-26062 Cisco Integrated Management Controller Username Enumeration Vulnerability — Cisco Unified Computing System (Managed) 5.3 Medium2024-11-18
CVE-2024-49358 ZimaOS vulnerable to Username Enumeration via API Responses — ZimaOS 5.3 Medium2024-10-24

Vulnerabilities classified as CWE-203 (通过差异性导致的信息暴露) represent 129 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.